BlackBerry Ltd. is denying it uses a flawed encryption algorithm in any of its products, although the company will support the encryption in some cases if a customer chooses to use it.
On Monday, the Globe and Mail reported about an encryption algorithm that, despite being shown by security researchers to have a back door that could render the encryption useless, was still officially blessed by government agencies in the U.S. and Canada to protect sensitive government information. The algorithm, called Dual_EC, was included for more than six years on the Cryptographic Module Validation Program – a joint effort by the U.S. National Institute of Standards and Technology and the Communications Security Establishment Canada.
Because it was officially blessed by the agencies, the algorithm was implemented by dozens of technology companies. According to an NIST document, one of those companies is BlackBerry, which owns the Mississauga security firm that first patented the ideas behind Dual_EC.
However. BlackBerry denies the flawed algorithm is used in the company’s products.
In a statement to the Globe and Mail on Monday, a BlackBerry spokeswoman said: “BlackBerry does not use the Dual EC DRBG algorithm in our products. We work closely with certification authorities around the world to validate the security of our products, and remain confident in the superiority of our mobile platform for customers using our device and enterprise server technology. BlackBerry public statements and principles have long underscored that there is no ‘back door’ to our platform. Our customers can rest assured that BlackBerry mobile security remains the best available solution to protect their mobile communications.”
Asked how that statement squares with a CMVP document that shows BlackBerry implemented Dual_EC encryption in several instances, the company sent a second statement later in the day:
“It is presented in the CMVP documents because [this particular] algorithm is supported within the VPN client and can be made available. However, BlackBerry’s default configuration does not require a VPN. If customers deploy a VPN, it may include the algorithm, which we do support. The configuration and choice of the VPN is left to the customers’ discretion. Dual EC DRBG is not supported by the BlackBerry encryption schemes used to protect data at rest or in transit using BlackBerry’s proven secure data transport protocols.”
A Virtual Private Network is way to extend a private network (for example, a company’s internal intranet) across a wider network, such as the Internet. In effect, the BlackBerry statement appears to indicate that, should a BlackBerry customer choose to use Dual_EC encryption on such a network while running BlackBerry devices and services, the company’s technology will support it.
In 2005, researchers at a Mississauga technology company called Certicom filed a patent application for an encryption algorithm that relies on the mathematical concept of elliptic curves. In the patent filings, the researchers noted that a feature of the algorithm allows anyone with a certain “key” to bypass the encryption – listing law enforcement agents as a group that may be interested in such functionality.
Two years later, the NIST issued a new CMVP-approved algorithms list. Among the encryption algorithms listed was something called Dual Elliptic Curve Deterministic Random Bit Generator, or Dual_EC_DRBG for short.
As many security researchers quickly pointed out, the algorithm seemed to contain exactly the sort of secret key back door described in the Certicom patent. But despite repeated warnings from the cryptographic community, NIST continued giving its blessing to the technology until late last year, after a flood of revelations from Edward Snowden pointed to the NSA as the holder of the secret key – essentially meaning the spy agency could crack the encryption at will. Additionally, a Reuters story revealed the NSA had paid $10-million to security firm RSA in exchange for RSA maintaining the algorithm as the default encryption in the software it sells to customers.
BlackBerry bought Certicom in 2009. In the process, the company also acquired the patents on elliptic curve encryption.
However Certicom’s relationship with the NSA dates back to well before the 2005 patent application. According to a Certicom press release, the company signed a $25-million contract with the NSA in 2003 to give the spy agency “extensive licensing rights” to Certicom’s elliptic curve encryption technology.
“Certicom is committed to providing technology that meets the U.S. Government’s highest standards to secure and protect its most sensitive information,” Ian McKinnon, president and CEO of Certicom, said in a statement at the time. “With NSA’s decision to purchase a licence from Certicom for [eliptic curve encryption technology], Certicom is well-positioned to drive the adoption of our technologies and intellectual property in new markets that need strong security.”
According to the Certicom press release, the NSA deal was facilitated through the Canadian Commercial Corporation, Canada’s export contracting agency.